Cap Bandit below 1.6.0 and update Sphinx requirement

Bandit 1.6.0 accidentally changed how the exclusion list option is handled and breaks our use of it. Cap to the previous version until Bandit has fixed the problem. Sphinx 2.0 no longer works on python 2.7, so we need to start capping it there as well. Change-Id: Ib8da5b64084d5c9b7b7d896d6b7bb7844c0b9e90 Reference: https://github.com/PyCQA/bandit/pull/489
2019-05-13 18:00:50 +00:00 · 2019-05-13 18:00:50 +00:00 · a6313baf65
parent 053243445c
commit a6313baf65
2 changed files with 5 additions and 3 deletions
--- a/doc/requirements.txt
+++ b/doc/requirements.txt
@ -2,7 +2,8 @@
 # of appearance. Changing the order has an impact on the overall integration
 # process, which may cause wedges in the gate later.

-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD
 openstackdocstheme>=1.18.1 # Apache-2.0
 reno>=2.5.0 # Apache-2.0
 fixtures>=3.0.0 # Apache-2.0/BSD
--- a/test-requirements.txt
+++ b/test-requirements.txt
@ -20,13 +20,14 @@ oslo.log>=3.36.0  # Apache-2.0
 coverage!=4.4,>=4.0 # Apache-2.0

 # this is required for the sphinx extension
-sphinx!=1.6.6,!=1.6.7,>=1.6.2 # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2,<2.0.0;python_version=='2.7' # BSD
+sphinx!=1.6.6,!=1.6.7,>=1.6.2;python_version>='3.4' # BSD

 # mocking framework
 mock>=2.0.0 # BSD
 requests_mock>=1.5.0 # Apache-2.0

 # Bandit security code scanner
-bandit>=1.1.0 # Apache-2.0
+bandit>=1.1.0,<1.6.0 # Apache-2.0

 reno>=2.5.0 # Apache-2.0